Cloud computing is the use of computing resources (hardware and software) which are available in a remote location and accessible over a network, such as the Internet. Users are able to buy these computing resources (including storage and computing power) as a utility on demand. Cloud computing entrusts remote services with a user's data, software and computation. Use of virtual computing resources can provide a number of advantages including cost advantages and/or ability to adapt rapidly to changing computing resource needs.
In a virtual environment, a host server computer can run one or more virtual machines using a hypervisor. The hypervisor presents a guest operating system with a virtual operating platform upon which one or more applications can run. In a virtual environment, a host server computer can run one or more virtual machines (“VMs”) using a hypervisor. The hypervisor enforces memory protections between VMs so a VM cannot read or write memory belonging to other VMs, which could lead to data breaches or memory corruption. Additionally, VMs generally are prohibited from operating actual hardware in the host server (such as disk and network controllers); instead, the hypervisor provides each VM with emulated hardware. The hardware emulation provides enhanced flexibility and security at a performance cost, since the hypervisor must intervene when a VM tries to operate emulated “hardware.” From a security standpoint, none of the software running in a VM is “trusted”—it is a design goal for the virtualized system to be secure and robust even in the face of an active antagonist running in a VM. Such software could launch a denial-of-service attack on the VM (for example, consuming all of the virtual disk or CPU resources allocated to it by the hypervisor), but should not be able to “escape” from the VM and have side effects on the host server or other VMs.
For performance reasons, some hypervisors (Xen, VMWare ESX) provide for VMs to gain full access to the hardware resources of select devices. This feature may be referred to as “direct assignment” or “pass-through.” In this case, the hypervisor provides the VM with full access to the memory-mapped I/O (MMIO) registers and other hardware resources of the device in question, enabling a driver in the VM to operate the hardware without the emulation overhead. To keep the system secure even when device pass through is being performed, the hardware and hypervisor can implement various additional security measures. For example, to prevent DMA (direct memory access)-capable hardware from reading or write memory that does not belong to its VM, a so-called IOMMU (I/O memory management unit), exemplified by Intel's Vt-D technology, imposes an additional layer of address translation into the system. When an IOMMU is in use, the “physical addresses” provided to the VM are, in fact, virtual addresses that are translated by the IOMMU. By ensuring that the IOMMU maps only pages belonging to the correct VM, the hypervisor can enforce memory protections even when DMA-capable hardware is made directly available to VMs.
MMIO registers present an especial set of risks to a virtualized environment when devices are passed through to a VM. Because none of the software running in a VM is “trusted,” the system must be robust in the face of rogue reads and writes to MMIO registers. Fortunately, since MMIO registers are accessed as if they were virtual memory, the hypervisor can use the same memory protection mechanisms that serve to isolate VMs from one another and to restrict the types of memory access that may be performed.
In one particular example, writing a certain value to an MMIO register may cause the hardware to hang, causing a denial-of-service attack on the host server. This attack vector may be mitigated by write-protecting the MMIO register in question. Such a mitigation may filter out specific values, or prohibit writes to the register altogether.
In another particular example, GPUs contain executable code in the form of a VBIOS (video basic I/O system) that assists in the operation of the hardware. VBIOS is part of the hardware resources, so without a mitigation, the platform runs the risk of a privilege escalation in which an antagonist running in a virtual machine can update the VBIOS and potentially inject arbitrary executable code into the host server's boot sequence. This attack vector may be mitigated by write-protecting the MMIO register(s) needed to update the VBIOS.